// Copyright 2025 Google LLC
//
// Licensed under the Apache License, Version 2.0 (the "License");
// you may not use this file except in compliance with the License.
// You may obtain a copy of the License at
//
//     https://www.apache.org/licenses/LICENSE-2.0
//
// Unless required by applicable law or agreed to in writing, software
// distributed under the License is distributed on an "AS IS" BASIS,
// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
// See the License for the specific language governing permissions and
// limitations under the License.
//
// Code generated by sidekick. DO NOT EDIT.
#![allow(rustdoc::redundant_explicit_links)]
#![allow(rustdoc::broken_intra_doc_links)]

/// Implements a client for the Binary Authorization API.
///
/// # Example
/// ```
/// # tokio_test::block_on(async {
/// # use google_cloud_binaryauthorization_v1::client::BinauthzManagementServiceV1;
/// let client = BinauthzManagementServiceV1::builder().build().await?;
/// // use `client` to make requests to the Binary Authorization API.
/// # gax::client_builder::Result::<()>::Ok(()) });
/// ```
///
/// # Service Description
///
/// Google Cloud Management Service for Binary Authorization admission policies
/// and attestation authorities.
///
/// This API implements a REST model with the following objects:
///
/// * [Policy][google.cloud.binaryauthorization.v1.Policy]
/// * [Attestor][google.cloud.binaryauthorization.v1.Attestor]
///
/// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
/// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
///
/// # Configuration
///
/// To configure `BinauthzManagementServiceV1` use the `with_*` methods in the type returned
/// by [builder()][BinauthzManagementServiceV1::builder]. The default configuration should
/// work for most applications. Common configuration changes include
///
/// * [with_endpoint()]: by default this client uses the global default endpoint
///   (`https://binaryauthorization.googleapis.com`). Applications using regional
///   endpoints or running in restricted networks (e.g. a network configured
//    with [Private Google Access with VPC Service Controls]) may want to
///   override this default.
/// * [with_credentials()]: by default this client uses
///   [Application Default Credentials]. Applications using custom
///   authentication may need to override this default.
///
/// [with_endpoint()]: super::builder::binauthz_management_service_v_1::ClientBuilder::with_endpoint
/// [with_credentials()]: super::builder::binauthz_management_service_v_1::ClientBuilder::credentials
/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
///
/// # Pooling and Cloning
///
/// `BinauthzManagementServiceV1` holds a connection pool internally, it is advised to
/// create one and the reuse it.  You do not need to wrap `BinauthzManagementServiceV1` in
/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
/// already uses an `Arc` internally.
#[derive(Clone, Debug)]
pub struct BinauthzManagementServiceV1 {
    inner: std::sync::Arc<dyn super::stub::dynamic::BinauthzManagementServiceV1>,
}

impl BinauthzManagementServiceV1 {
    /// Returns a builder for [BinauthzManagementServiceV1].
    ///
    /// ```
    /// # tokio_test::block_on(async {
    /// # use google_cloud_binaryauthorization_v1::client::BinauthzManagementServiceV1;
    /// let client = BinauthzManagementServiceV1::builder().build().await?;
    /// # gax::client_builder::Result::<()>::Ok(()) });
    /// ```
    pub fn builder() -> super::builder::binauthz_management_service_v_1::ClientBuilder {
        gax::client_builder::internal::new_builder(
            super::builder::binauthz_management_service_v_1::client::Factory,
        )
    }

    /// Creates a new client from the provided stub.
    ///
    /// The most common case for calling this function is in tests mocking the
    /// client's behavior.
    pub fn from_stub<T>(stub: T) -> Self
    where
        T: super::stub::BinauthzManagementServiceV1 + 'static,
    {
        Self {
            inner: std::sync::Arc::new(stub),
        }
    }

    pub(crate) async fn new(
        config: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<Self> {
        let inner = Self::build_inner(config).await?;
        Ok(Self { inner })
    }

    async fn build_inner(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<
        std::sync::Arc<dyn super::stub::dynamic::BinauthzManagementServiceV1>,
    > {
        if gaxi::options::tracing_enabled(&conf) {
            return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
        }
        Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
    }

    async fn build_transport(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<impl super::stub::BinauthzManagementServiceV1> {
        super::transport::BinauthzManagementServiceV1::new(conf).await
    }

    async fn build_with_tracing(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<impl super::stub::BinauthzManagementServiceV1> {
        Self::build_transport(conf)
            .await
            .map(super::tracing::BinauthzManagementServiceV1::new)
    }

    /// A [policy][google.cloud.binaryauthorization.v1.Policy] specifies the [attestors][google.cloud.binaryauthorization.v1.Attestor] that must attest to
    /// a container image, before the project is allowed to deploy that
    /// image. There is at most one policy per project. All image admission
    /// requests are permitted if a project has no policy.
    ///
    /// Gets the [policy][google.cloud.binaryauthorization.v1.Policy] for this project. Returns a default
    /// [policy][google.cloud.binaryauthorization.v1.Policy] if the project does not have one.
    ///
    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
    /// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
    pub fn get_policy(&self) -> super::builder::binauthz_management_service_v_1::GetPolicy {
        super::builder::binauthz_management_service_v_1::GetPolicy::new(self.inner.clone())
    }

    /// Creates or updates a project's [policy][google.cloud.binaryauthorization.v1.Policy], and returns a copy of the
    /// new [policy][google.cloud.binaryauthorization.v1.Policy]. A policy is always updated as a whole, to avoid race
    /// conditions with concurrent policy enforcement (or management!)
    /// requests. Returns NOT_FOUND if the project does not exist, INVALID_ARGUMENT
    /// if the request is malformed.
    ///
    /// [google.cloud.binaryauthorization.v1.Policy]: crate::model::Policy
    pub fn update_policy(&self) -> super::builder::binauthz_management_service_v_1::UpdatePolicy {
        super::builder::binauthz_management_service_v_1::UpdatePolicy::new(self.inner.clone())
    }

    /// Creates an [attestor][google.cloud.binaryauthorization.v1.Attestor], and returns a copy of the new
    /// [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the project does not exist,
    /// INVALID_ARGUMENT if the request is malformed, ALREADY_EXISTS if the
    /// [attestor][google.cloud.binaryauthorization.v1.Attestor] already exists.
    ///
    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
    pub fn create_attestor(
        &self,
    ) -> super::builder::binauthz_management_service_v_1::CreateAttestor {
        super::builder::binauthz_management_service_v_1::CreateAttestor::new(self.inner.clone())
    }

    /// Gets an [attestor][google.cloud.binaryauthorization.v1.Attestor].
    /// Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
    ///
    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
    pub fn get_attestor(&self) -> super::builder::binauthz_management_service_v_1::GetAttestor {
        super::builder::binauthz_management_service_v_1::GetAttestor::new(self.inner.clone())
    }

    /// Updates an [attestor][google.cloud.binaryauthorization.v1.Attestor].
    /// Returns NOT_FOUND if the [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
    ///
    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
    pub fn update_attestor(
        &self,
    ) -> super::builder::binauthz_management_service_v_1::UpdateAttestor {
        super::builder::binauthz_management_service_v_1::UpdateAttestor::new(self.inner.clone())
    }

    /// Lists [attestors][google.cloud.binaryauthorization.v1.Attestor].
    /// Returns INVALID_ARGUMENT if the project does not exist.
    ///
    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
    pub fn list_attestors(&self) -> super::builder::binauthz_management_service_v_1::ListAttestors {
        super::builder::binauthz_management_service_v_1::ListAttestors::new(self.inner.clone())
    }

    /// Deletes an [attestor][google.cloud.binaryauthorization.v1.Attestor]. Returns NOT_FOUND if the
    /// [attestor][google.cloud.binaryauthorization.v1.Attestor] does not exist.
    ///
    /// [google.cloud.binaryauthorization.v1.Attestor]: crate::model::Attestor
    pub fn delete_attestor(
        &self,
    ) -> super::builder::binauthz_management_service_v_1::DeleteAttestor {
        super::builder::binauthz_management_service_v_1::DeleteAttestor::new(self.inner.clone())
    }
}

/// Implements a client for the Binary Authorization API.
///
/// # Example
/// ```
/// # tokio_test::block_on(async {
/// # use google_cloud_binaryauthorization_v1::client::SystemPolicyV1;
/// let client = SystemPolicyV1::builder().build().await?;
/// // use `client` to make requests to the Binary Authorization API.
/// # gax::client_builder::Result::<()>::Ok(()) });
/// ```
///
/// # Service Description
///
/// API for working with the system policy.
///
/// # Configuration
///
/// To configure `SystemPolicyV1` use the `with_*` methods in the type returned
/// by [builder()][SystemPolicyV1::builder]. The default configuration should
/// work for most applications. Common configuration changes include
///
/// * [with_endpoint()]: by default this client uses the global default endpoint
///   (`https://binaryauthorization.googleapis.com`). Applications using regional
///   endpoints or running in restricted networks (e.g. a network configured
//    with [Private Google Access with VPC Service Controls]) may want to
///   override this default.
/// * [with_credentials()]: by default this client uses
///   [Application Default Credentials]. Applications using custom
///   authentication may need to override this default.
///
/// [with_endpoint()]: super::builder::system_policy_v_1::ClientBuilder::with_endpoint
/// [with_credentials()]: super::builder::system_policy_v_1::ClientBuilder::credentials
/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
///
/// # Pooling and Cloning
///
/// `SystemPolicyV1` holds a connection pool internally, it is advised to
/// create one and the reuse it.  You do not need to wrap `SystemPolicyV1` in
/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
/// already uses an `Arc` internally.
#[derive(Clone, Debug)]
pub struct SystemPolicyV1 {
    inner: std::sync::Arc<dyn super::stub::dynamic::SystemPolicyV1>,
}

impl SystemPolicyV1 {
    /// Returns a builder for [SystemPolicyV1].
    ///
    /// ```
    /// # tokio_test::block_on(async {
    /// # use google_cloud_binaryauthorization_v1::client::SystemPolicyV1;
    /// let client = SystemPolicyV1::builder().build().await?;
    /// # gax::client_builder::Result::<()>::Ok(()) });
    /// ```
    pub fn builder() -> super::builder::system_policy_v_1::ClientBuilder {
        gax::client_builder::internal::new_builder(
            super::builder::system_policy_v_1::client::Factory,
        )
    }

    /// Creates a new client from the provided stub.
    ///
    /// The most common case for calling this function is in tests mocking the
    /// client's behavior.
    pub fn from_stub<T>(stub: T) -> Self
    where
        T: super::stub::SystemPolicyV1 + 'static,
    {
        Self {
            inner: std::sync::Arc::new(stub),
        }
    }

    pub(crate) async fn new(
        config: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<Self> {
        let inner = Self::build_inner(config).await?;
        Ok(Self { inner })
    }

    async fn build_inner(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<std::sync::Arc<dyn super::stub::dynamic::SystemPolicyV1>> {
        if gaxi::options::tracing_enabled(&conf) {
            return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
        }
        Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
    }

    async fn build_transport(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<impl super::stub::SystemPolicyV1> {
        super::transport::SystemPolicyV1::new(conf).await
    }

    async fn build_with_tracing(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<impl super::stub::SystemPolicyV1> {
        Self::build_transport(conf)
            .await
            .map(super::tracing::SystemPolicyV1::new)
    }

    /// Gets the current system policy in the specified location.
    pub fn get_system_policy(&self) -> super::builder::system_policy_v_1::GetSystemPolicy {
        super::builder::system_policy_v_1::GetSystemPolicy::new(self.inner.clone())
    }
}

/// Implements a client for the Binary Authorization API.
///
/// # Example
/// ```
/// # tokio_test::block_on(async {
/// # use google_cloud_binaryauthorization_v1::client::ValidationHelperV1;
/// let client = ValidationHelperV1::builder().build().await?;
/// // use `client` to make requests to the Binary Authorization API.
/// # gax::client_builder::Result::<()>::Ok(()) });
/// ```
///
/// # Service Description
///
/// BinAuthz Attestor verification
///
/// # Configuration
///
/// To configure `ValidationHelperV1` use the `with_*` methods in the type returned
/// by [builder()][ValidationHelperV1::builder]. The default configuration should
/// work for most applications. Common configuration changes include
///
/// * [with_endpoint()]: by default this client uses the global default endpoint
///   (`https://binaryauthorization.googleapis.com`). Applications using regional
///   endpoints or running in restricted networks (e.g. a network configured
//    with [Private Google Access with VPC Service Controls]) may want to
///   override this default.
/// * [with_credentials()]: by default this client uses
///   [Application Default Credentials]. Applications using custom
///   authentication may need to override this default.
///
/// [with_endpoint()]: super::builder::validation_helper_v_1::ClientBuilder::with_endpoint
/// [with_credentials()]: super::builder::validation_helper_v_1::ClientBuilder::credentials
/// [Private Google Access with VPC Service Controls]: https://cloud.google.com/vpc-service-controls/docs/private-connectivity
/// [Application Default Credentials]: https://cloud.google.com/docs/authentication#adc
///
/// # Pooling and Cloning
///
/// `ValidationHelperV1` holds a connection pool internally, it is advised to
/// create one and the reuse it.  You do not need to wrap `ValidationHelperV1` in
/// an [Rc](std::rc::Rc) or [Arc](std::sync::Arc) to reuse it, because it
/// already uses an `Arc` internally.
#[derive(Clone, Debug)]
pub struct ValidationHelperV1 {
    inner: std::sync::Arc<dyn super::stub::dynamic::ValidationHelperV1>,
}

impl ValidationHelperV1 {
    /// Returns a builder for [ValidationHelperV1].
    ///
    /// ```
    /// # tokio_test::block_on(async {
    /// # use google_cloud_binaryauthorization_v1::client::ValidationHelperV1;
    /// let client = ValidationHelperV1::builder().build().await?;
    /// # gax::client_builder::Result::<()>::Ok(()) });
    /// ```
    pub fn builder() -> super::builder::validation_helper_v_1::ClientBuilder {
        gax::client_builder::internal::new_builder(
            super::builder::validation_helper_v_1::client::Factory,
        )
    }

    /// Creates a new client from the provided stub.
    ///
    /// The most common case for calling this function is in tests mocking the
    /// client's behavior.
    pub fn from_stub<T>(stub: T) -> Self
    where
        T: super::stub::ValidationHelperV1 + 'static,
    {
        Self {
            inner: std::sync::Arc::new(stub),
        }
    }

    pub(crate) async fn new(
        config: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<Self> {
        let inner = Self::build_inner(config).await?;
        Ok(Self { inner })
    }

    async fn build_inner(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<std::sync::Arc<dyn super::stub::dynamic::ValidationHelperV1>>
    {
        if gaxi::options::tracing_enabled(&conf) {
            return Ok(std::sync::Arc::new(Self::build_with_tracing(conf).await?));
        }
        Ok(std::sync::Arc::new(Self::build_transport(conf).await?))
    }

    async fn build_transport(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<impl super::stub::ValidationHelperV1> {
        super::transport::ValidationHelperV1::new(conf).await
    }

    async fn build_with_tracing(
        conf: gaxi::options::ClientConfig,
    ) -> gax::client_builder::Result<impl super::stub::ValidationHelperV1> {
        Self::build_transport(conf)
            .await
            .map(super::tracing::ValidationHelperV1::new)
    }

    /// Returns whether the given Attestation for the given image URI
    /// was signed by the given Attestor
    pub fn validate_attestation_occurrence(
        &self,
    ) -> super::builder::validation_helper_v_1::ValidateAttestationOccurrence {
        super::builder::validation_helper_v_1::ValidateAttestationOccurrence::new(
            self.inner.clone(),
        )
    }
}
